nanog mailing list archives
Re: Spyware becomes increasingly malicious
From: "Alexei Roudnev" <alex () relcom net>
Date: Tue, 13 Jul 2004 10:53:14 -0700
The authors of these coolwebsearch variants are extremely intelligent programmers with far more understanding of the bowels of the windows platform than your average script kiddies. If you get hit with the version I saw, it's no 10 minute piece of cake.
It makes spywire more dangerous than viruses, which are written (in 99.99% cases) by more younger and less experienced persons (and without good QA, good project management etc).
What I don't understand is how exploiting bugs in a program (internet explorer) to install software without the consent or even acknowledgement from the owner/user is legal behavior. To me, it's just like someone abusing
It is not a bug; it is specially designed IE feature. MS always was proud of their full automation - install on demand, update automatically, add new software to start at a startup without need to be system admin, etc etc... As a result, we have a field full of bugs, pests, pets, spiders, spies and so on... They have _exactly_ what they designed. No one even bored to ask me 'do you want to allow this registry change' , because 'MS believe that their users are lamers so everything must be automated from the beginning to the end'... It is another weak side of MS design (first one is complexity....) and other side of MS agriculture (first one is monoculture easily infected by mortal infection). I do not blame MS, but what about spyware on MAC-s - is it so easy to write and install spyware there?
a bug in bind, and installing a rootkit, which last time
It is a difference. This was a bug. Bind have not undocumented features. MS have millions of undocumented features, and (because they never opened their OS and never published full specs) every developer play a game 'find a feature before competitors and use it'. As a result, someone finds features which was not designed but just 'happened' -:). Anyway, this are a features, not a bugs. This is 100% legal at this point (and even if it is not legal, who bored about it outside of USA? No anyone!).
I checked, could end up getting someone in legal troubles. For another hastily-thought-out analogy, it's like someone breaking into your house and reprogramming your cable box to keep changing the channel to the home shopping club every 30 seconds. -Brian
Current thread:
- RE: Spyware becomes increasingly malicious, (continued)
- RE: Spyware becomes increasingly malicious David Schwartz (Jul 12)
- Re: Spyware becomes increasingly malicious Christopher Woodfield (Jul 12)
- Re: Spyware becomes increasingly malicious David A . Ulevitch (Jul 12)
- plumbers coming down the pipe Paul Vixie (Jul 16)
- Re: Spyware becomes increasingly malicious Paul Vixie (Jul 12)
- Problems with private justice (was Re: Spyware becomes increasingly malicious) Sean Donelan (Jul 13)
- Re: Spyware becomes increasingly malicious Valdis . Kletnieks (Jul 13)
- Re: Spyware becomes increasingly malicious Alexei Roudnev (Jul 13)
- Re: Spyware becomes increasingly malicious Petri Helenius (Jul 13)
- Re: Spyware becomes increasingly malicious Alexei Roudnev (Jul 14)
- Re: Spyware becomes increasingly malicious John Underhill (Jul 14)
- Re: Spyware becomes increasingly malicious Niels Bakker (Jul 14)
- Re: Spyware becomes increasingly malicious John Underhill (Jul 14)
- Re: Spyware becomes increasingly malicious sthaug (Jul 14)
- Re: Spyware becomes increasingly malicious (let's return to reality) Alexei Roudnev (Jul 14)